Recent releases of data from old breaches of the major social media companies like LinkedIn and MySpace should not be as harmful if not for a rampant re-use of the passwords. Alex Holden comments to The Wall Street Journal on recent revelations based on supposed Twitter data.
Reuters story highlights more details about our discovery. The business of recovering stolen credentials is not as simple as it would seem. We have set records before, initially with the Adobe user database including 153 million records, then with 360 million recovered in February 2014, and finally with 1.2 billion credentials in the most substantial breach known to-date. Today, large amounts of stolen credentials may not grab headlines, but they never lose their potency, especially when they are recovered by the good guys and returned to the rightful owners.
On a daily basis hackers use known security weaknesses to do bulk exploitation of thousands of websites. Usually, we see anywhere between one and three thousand sites breached every day. Once exploited, they install a backdoor (web shell) allowing them to take control of the site.
Hold Security identifies a Russian-speaking gang breaching dating websites.
Alex Holden’s article in IB Times: Ashley Madison hack: 'Most dating websites have been breached and user info sold on the dark web'.
Alex Holden’s article in IB Times: Hackers sell exploits on the Dark Web to steal everything from your smartphone.
Alex Holden’s article in IB Times: New breed of lone wolf hackers.
Alex Holden’s article in IB Times: Ukraine Crisis, weapons on the Dark web.